<?php
/**
 * ============================================================================
 * 版权所有 2008-2011 多多网络，并保留所有权利。
 * 网站地址: http://soft.duoduo123.com；
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件！您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用；不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
*/
// Start (or resume) the PHP session; the handlers in this file read and write $_SESSION.
session_start();
// All PHP error reporting is switched off, so warnings and notices raised by the
// handlers below (failed queries, undefined indexes, failed includes) are not reported.
error_reporting(0);
// NOTE(review): this flag is set before the includes below, so presumably one of them
// reads it — confirm what it unlocks, because this endpoint is dispatched from $_GET['fun'].
$isadmin=1;
include('comm/config.php');
include('comm/class_db.php');
include_once 'comm/page.class.php';
include_once 'comm/checkpostandget.php';
include_once 'comm/msgset.php';

// Request timestamp in "Y-m-d H:i:s" form (file scope; the functions below compute their own).
$sj=date('Y-m-d H:i:s');

/**
 * Recursively converts an object tree (for example json_decode() output) into nested arrays.
 *
 * Only values that are themselves objects are descended into. Every other value,
 * including arrays and any objects stored inside those arrays, is copied unchanged.
 *
 * @param object|array $web Value to iterate over.
 * @return array Same keys as $web, with object values replaced by arrays.
 */
function json_to_array($web){
    $result = array();
    foreach ($web as $key => $value) {
        // Objects are flattened recursively; anything else is kept as-is.
        $result[$key] = is_object($value) ? json_to_array($value) : $value;
    }
    return $result;
}

/**
 * Writes a message to the response and ends the request.
 *
 * The message is written verbatim with no HTML escaping, so callers must not
 * pass text that contains untrusted input.
 *
 * @param mixed $word Text to send to the client.
 * @return void This function does not return; the script terminates.
 */
function over($word){
    print $word;
    die();
}

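/**
 * Returns the total size in bytes of all regular files below a directory.
 *
 * Sub-directories are walked recursively. Symbolic links to directories are not
 * followed, so a link cannot lead the walk outside the tree or into a loop.
 *
 * @param string $directory Path of the directory to measure.
 * @return int Sum of file sizes in bytes; 0 when the directory cannot be opened.
 */
function directory_size($directory) {
    $directorySize = 0;

    // An unreadable or missing directory contributes nothing. Returning here also
    // avoids calling closedir() on a handle that was never opened.
    $dh = @opendir($directory);
    if ($dh === false) {
        return $directorySize;
    }

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early and hide every entry that follows it.
    while (($filename = readdir($dh)) !== false) {
        if ($filename === "." || $filename === "..") {
            continue;
        }
        $path = $directory . "/" . $filename;
        if (is_file($path)) {
            // Regular file: add its size to the total.
            $directorySize += filesize($path);
        } elseif (is_dir($path) && !is_link($path)) {
            // Real sub-directory: recurse into it.
            $directorySize += directory_size($path);
        }
    }
    closedir($dh);

    return $directorySize;
}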

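/**
 * Prints the size, in megabytes rounded to two decimals, of the directory named
 * by the cache_dir query parameter.
 *
 * cache_dir is attacker-controlled. The path is therefore resolved with
 * realpath() and measured only if it lies inside the directory that holds this
 * script. Any other value (missing parameter, stream-wrapper URL, path outside
 * the application) prints 0 instead of walking the filesystem.
 *
 * NOTE(review): containment to the script directory is the widest safe default.
 * Prefer comparing against the configured cache directory, and require an
 * authenticated administrator before answering at all.
 *
 * @return void
 */
function cacheSize(){
    $requested = (isset($_GET['cache_dir']) && is_string($_GET['cache_dir'])) ? $_GET['cache_dir'] : '';
    $appRoot = realpath(dirname(__FILE__));
    // realpath() collapses "../" segments and returns false for non-existent paths and URLs.
    $resolved = ($requested !== '') ? realpath($requested) : false;

    $bytes = 0;
    if ($resolved !== false && $appRoot !== false && is_dir($resolved)
        && ($resolved === $appRoot || strpos($resolved, $appRoot . DIRECTORY_SEPARATOR) === 0)) {
        $bytes = directory_size($resolved);
    }
    echo round(($bytes / (1024*1024)), 2);
}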

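/**
 * Authenticates the posted ddusername / dduserpwd pair and opens a login session.
 *
 * With UC==1 the credentials are checked by uc_user_login(); a user that the
 * local user table does not know yet is created, together with the welcome
 * message and the optional sign-up bonus. With UC==0 the local user table is
 * queried directly.
 *
 * Every request value that reaches SQL is escaped at the point of use.
 * NOTE(review): if comm/checkpostandget.php already escapes request data,
 * normalise it there instead of escaping twice — confirm.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. This is kept
 * because existing rows and the ddpassword cookie depend on it; plan a migration
 * to password_hash()/password_verify().
 *
 * @return mixed The user id on success; otherwise whatever the backend reported
 *               (a non-positive value from UC, or null when no local row matched).
 */
function checkLogin(){
	include('comm/conn.php');
	// $msg_zhucesong was read without being imported, so the bonus message was always empty.
	// NOTE(review): presumably defined next to $msg_zhuce in comm/msgset.php — confirm.
	global $msg_zhuce, $msg_zhucesong;

	// Accept only scalar string input; array-valued parameters are treated as empty.
	$name=(isset($_POST['ddusername']) && is_string($_POST['ddusername'])) ? trim($_POST['ddusername']) : '';
	$pwd=(isset($_POST['dduserpwd']) && is_string($_POST['dduserpwd'])) ? trim($_POST['dduserpwd']) : '';
	$md5pwd=md5($pwd);
	$sj=date('Y-m-d H:i:s');
	$uid=null;
	$dengji=null;
	// Columns the sign-up INSERT fills although no value is supplied at login time.
	$qq=$tjr=$question=$answer='';

	if(UC==1){
		include 'data/config.inc.php';
		include 'uc_client/client.php';

		$uc_name=iconv("utf-8","utf-8",$name);
		list ($uid, $uc_name, $pwd, $email) = uc_user_login($uc_name, $pwd);

		if ($uid > 0) {
			$nameSql=mysql_real_escape_string($name);
			$emailSql=mysql_real_escape_string($email);
			$sql="SELECT Id,dengji FROM " . $BIAOTOU . "user WHERE ddusername='".$nameSql."'";
			$query=mysql_query($sql);
			$dduser=mysql_fetch_array($query);
			$Id=$dduser ? $dduser['Id'] : 0;
			// The level was previously read from an undefined variable instead of the fetched row.
			$dengji=$dduser ? $dduser['dengji'] : null;
			if (!$Id) { // User is known to UC but not to the local user table: create the local row.
				// Store the MD5 right away; the UPDATE below would overwrite the column with it anyway,
				// and this avoids writing the value returned by UC into the table even briefly.
				$insert = "INSERT INTO " . $BIAOTOU . "user(Id,ddusername,ddpassword,email,qq,regtime,lastlogintime,loginnum,tjr,pass_question,pass_answer,money,dengji) values ('".(int)$uid."','$nameSql','$md5pwd','$emailSql','$qq','$sj','$sj',1,'$tjr','$question','$answer','" . ZHUCESONG . "','".ZHUCESONGLEVEL."')";
				mysql_query($insert);
				$dengji=ZHUCESONGLEVEL;
				$tg = round(TGBL / FXBL * 100, 2);
				// Work on a copy so the shared template is not modified; the name goes in SQL-escaped.
				$welcome=str_replace("[name]",$nameSql,$msg_zhuce);
				$welcome=str_replace("[WEBTITLE]",WEBTITLE,$welcome);
				$welcome=str_replace("[tg]",$tg,$welcome);
				$insert = "INSERT into ".$BIAOTOU."msg(ddusername,title,content,addtime,senduser) values ('$nameSql','欢迎注册".WEBTITLE."','".$welcome."','".$sj."','网站客服')";
				mysql_query($insert);

				if (ZHUCESONG != 0) {
					$insert = "INSERT INTO " . $BIAOTOU . "mingxi(ddusername,shijian,je,addtime,memo) values ('" . $nameSql . "','注册赠送','" . ZHUCESONG . "','" . $sj . "','注册赠送金额" . ZHUCESONG . "元')";
					mysql_query("set names utf8");
					mysql_query($insert);
					$bonusMsg=str_replace("[ZHUCESONG]",ZHUCESONG,$msg_zhucesong);
					$insert = "INSERT into ".$BIAOTOU."msg(ddusername,title,content,addtime,senduser) values ('$nameSql','注册赠送','".$bonusMsg."','$sj','网站客服')";
					mysql_query($insert);
				}
			}
		}
	}

	$ddlink = mysql_connect($dbserver, $dbuser, $dbpass);
	mysql_select_db($dbname);
	mysql_query("set names utf8");
	// Escape (again) now that the connection used for the queries below is open.
	$nameSql=mysql_real_escape_string($name);

	if(UC==0){
		// $md5pwd is a hex digest and therefore safe to embed; $name must be escaped.
		$sql="select `Id`,`dengji` from ".$BIAOTOU."user where `ddusername`='$nameSql' and `ddpassword`='$md5pwd'";
		$query=mysql_query($sql);
		$row=mysql_fetch_array($query);
		$uid=$row ? $row[0] : null;
		$dengji=$row ? $row[1] : null;
	}

	if($uid>0){ // Successful login: record it and establish the session.
		// The password column is refreshed on every login, whether or not it changed.
		$sql="update ".$BIAOTOU."user set ddpassword='".$md5pwd."',loginnum=loginnum+1 ,lastlogintime='".$sj."' where `ddusername`='".$nameSql."'";
		mysql_query($sql);
		// Issue a fresh session id so an id planted before login is not promoted to an authenticated one.
		session_regenerate_id(true);
		$_SESSION['duoduouser'] = $name;
		$_SESSION["dduserid"] = $uid;
		$_SESSION["dduserlevel"] = $dengji;
		setcookie("ddusername", $name, time()+1000*24*60*60,"/",SURL);
		// NOTE(review): this cookie carries the password hash for 1000 days and is password-equivalent
		// for whatever consumes it; replace it with a random server-side token. HttpOnly at least
		// keeps page scripts from reading it.
		setcookie("ddpassword", $md5pwd, time()+1000*24*60*60,"/",SURL,false,true);
	}
	return $uid;
}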

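/**
 * Escapes one remote value for HTML output; non-scalar values become an empty string.
 *
 * @param mixed $value Value taken from the fetched document.
 * @return string HTML-safe text.
 */
function _taobao_comment_esc($value){
	return is_scalar($value) ? htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8') : '';
}

/**
 * Fetches the rating document named by the plurl query parameter and prints
 * the rating summary followed by one <li> element per rating.
 *
 * plurl is attacker-controlled, so only absolute http/https URLs are fetched.
 * That stops the parameter from naming local files or other stream wrappers.
 * NOTE(review): an http(s) URL can still point at internal hosts; also pin the
 * host to the rating endpoint the front end really uses (<EXPECTED_RATE_HOST>
 * is a placeholder, the value is not visible in this file).
 *
 * Everything taken from the fetched document is third-party data and is
 * HTML-escaped before it is written to the page.
 *
 * @return void
 */
function taobao_comment(){
	$plurl=(isset($_GET['plurl']) && is_string($_GET['plurl'])) ? trim($_GET['plurl']) : '';
	$scheme=strtolower((string)parse_url($plurl, PHP_URL_SCHEME));
	$host=parse_url($plurl, PHP_URL_HOST);
	if(($scheme!='http' && $scheme!='https') || !$host){
		return;
	}

	$s=@file_get_contents($plurl);
	if($s===false){
		return;
	}
	// The payload is a JavaScript assignment; strip the prefix to leave JSON.
	$s=str_replace('TB.detailRate = ','',$s);
	$s=trim(mb_convert_encoding($s,"utf-8","gb2312"));
	$web=json_decode($s);
	if(!is_object($web) && !is_array($web)){
		return; // Not valid JSON: nothing to render.
	}
	$arr=json_to_array($web);

	$scoreInfo=(isset($arr['scoreInfo']) && is_array($arr['scoreInfo'])) ? $arr['scoreInfo'] : array();
	$rateInfo=(isset($arr['rateListInfo']) && is_array($arr['rateListInfo'])) ? $arr['rateListInfo'] : array();
	$paginator=(isset($rateInfo['paginator']) && is_array($rateInfo['paginator'])) ? $rateInfo['paginator'] : array();

	$pjdf=isset($scoreInfo['merchandisScore']) ? $scoreInfo['merchandisScore'] : '';
	$pjdfnum=isset($scoreInfo['merchandisTotal']) ? $scoreInfo['merchandisTotal'] : '';
	// json_to_array() leaves arrays untouched, so each entry of rateList is still an object.
	$pjarr=(isset($rateInfo['rateList']) && is_array($rateInfo['rateList'])) ? $rateInfo['rateList'] : array();
	$pingjianum=isset($paginator['items']) ? $paginator['items'] : '';

	if(!(isset($_GET['p']) && $_GET['p']=='n')){
		$totalpj=$pingjianum;
		if($totalpj>100){
			$totalpj=100;
		}
		// item count (capped at 100) @ score @ number of scores @ number of ratings
		echo _taobao_comment_esc($totalpj)."@"._taobao_comment_esc($pjdf)."@"._taobao_comment_esc($pjdfnum)."@"._taobao_comment_esc($pingjianum)."@";
	}

	foreach($pjarr as $row){
		if(!is_object($row)){
			continue;
		}
		$content=isset($row->rateContent) ? $row->rateContent : '';
		$date=isset($row->rateDate) ? $row->rateDate : '';
		$nick=isset($row->displayUserNick) ? $row->displayUserNick : '';
		$pic=isset($row->displayRatePic) ? $row->displayRatePic : '';

		echo '<li style="width:740px; line-height:20px; border-bottom:1px solid #ddd;"><div style="float:left; width:580px; margin-left:10px; margin-top:5px; margin-bottom:5px;">'."\n";
		echo _taobao_comment_esc($content).'<br><font color="#999999">['._taobao_comment_esc($date).']</font></div><div style="float:right; width:140px; line-height:20px; margin-top:5px; margin-bottom:5px;">买家：'._taobao_comment_esc($nick);
		if($pic!=''){
			echo '<br><img src="images/'._taobao_comment_esc($pic).'" />';
		}
		echo '</div></li>'."\n";
	}
}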

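/**
 * Stores a shop rating posted by the logged-in user and prints the HTML
 * fragment that shows the new comment.
 *
 * Requires a session login, the four POST fields, at least one order on
 * record for the user, and a minimum interval since the user's last comment
 * on the same shop.
 *
 * Request values are escaped before they are placed in SQL conditions and
 * HTML-escaped before they are echoed back.
 * NOTE(review): whether insert_one_sql() escapes the values it receives is not
 * visible in this file — confirm, and escape there if it does not.
 *
 * @return void
 */
function mall_comment(){
	$sj=date('Y-m-d H:i:s');
	if(!isset($_SESSION['duoduouser']) || !isset($_SESSION['dduserid']) || $_SESSION['duoduouser']=='' || $_SESSION['dduserid']==''){
		echo '未登陆！';
		exit;
	}
	foreach(array('mall_name','mall_id','fen','comment') as $required){
		// Array-valued parameters are rejected together with missing or empty ones.
		if(!isset($_POST[$required]) || !is_string($_POST[$required]) || $_POST[$required]==''){
			echo '缺少必要参数';
			exit;
		}
	}

	$uidSql=mysql_real_escape_string($_SESSION['dduserid']);
	$mallIdSql=mysql_real_escape_string($_POST['mall_id']);
	// The rating drives the loop that prints the star images, so it must be a bounded integer.
	// NOTE(review): 10 is a safety cap chosen for this fix; align it with the scale the front end offers.
	$maxFen=10;
	$fen=max(0, min($maxFen, (int)$_POST['fen']));
	$comment=strip_tags($_POST['comment']);

	$tao_order_id=sel_sql('tradelist','Id','outer_code="'.$uidSql.'"');
	if($tao_order_id<=0){
		$mall_order_id=sel_sql('mall_order','id',"u_id='".$uidSql."' and stat_desc='核对有效'");
		if($mall_order_id<=0){
			echo 'error2';
			exit;
		}
	}
	$lasttime=sel_sql('mall_comment','time',"user_id='".$uidSql."' and mall_id='".$mallIdSql."'",0);
	// NOTE(review): 84400 seconds is just under a day (86400); possibly a typo — confirm the intended interval.
	if(time()-strtotime($lasttime)<84400){
		echo 'error1';
		exit;
	}
	$field_arr=array('mall_name'=>strip_tags($_POST['mall_name']),'mall_id'=>$_POST['mall_id'],'user_name'=>$_SESSION['duoduouser'],'user_id'=>$_SESSION['dduserid'],'fen'=>$fen,'comment'=>$comment,'time'=>$sj);
	insert_one_sql('mall_comment',$field_arr);

	// Echo the sanitised comment, not the raw POST value, and HTML-escape it and the user name.
	$userHtml=htmlspecialchars($_SESSION['duoduouser'], ENT_QUOTES, 'UTF-8');
	$commentHtml=htmlspecialchars($comment, ENT_QUOTES, 'UTF-8');
	echo '<div class="n_shang_3_4_101" style=" display:none" id="commenthide">
      <div class="t_p">
        <table width="738" cellspacing="0" cellpadding="0">
          <tr>
            <td width="50%" height="25" style="text-align:left">'.$userHtml.'</td>
            <td width="49%" height="25" style="text-align:right; padding-right:5px"><span class="color_19">'.$sj.'</span></td>
            <td width="1%"></td>
          </tr>
        </table>
      </div>
      <div class="t_p_t">
        <table width="628" cellspacing="0" cellpadding="0">
          <tr>
            <td colspan="2" style="width:628px;word-break : break-all; overflow:hidden;">
              评论内容：'.$commentHtml.'
            </td>
          </tr>
          <tr>
            <td width="23" height="20">
              <img src="template/'.MOBAN.'/images/icon_151.gif" width="14" height="13" />
            </td>
            <td width="605" height="20">
              <span class="color_19">
                评分等级：';
				for($i=0;$i<$fen;$i++){
				echo '<img src="template/'.MOBAN.'/images/i_394.jpg" width="24" height="23" />';
				}
             echo '</span></td></tr></table></div></div>';
}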

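/**
 * Places an exchange order for the posted item (spid), paid with money
 * (fangshi=1) or points (fangshi=2), then debits the user and reduces stock.
 *
 * Prints 1 on success, otherwise a message and ends the request.
 *
 * NOTE(review): the balance check and the debit are separate statements, so
 * two simultaneous requests can both pass the check. Make the debit
 * conditional on the remaining balance (or use a transaction) when this code
 * is next reworked.
 * NOTE(review): whether insert_one_sql() escapes its values is not visible in
 * this file — confirm.
 *
 * @return void
 */
function save_dh(){
	global $BIAOTOU;
	$spid=isset($_POST['spid']) ? (int)$_POST['spid'] : 0;
	$_POST['spid']=$spid;
	// Normalise the payment method to an integer so only 1 or 2 can be stored.
	$fangshi=(isset($_POST['fangshi']) && is_string($_POST['fangshi'])) ? (int)$_POST['fangshi'] : 0;
	$userId=isset($_SESSION['dduserid']) ? (int)$_SESSION['dduserid'] : 0;

	$dhlist=sel_sql('dhlist','name,num,money,jifen','id="'.$spid.'" and hide=0');
	if(!$dhlist['name']){
		over('不存在该商品');
	}
	$user=sel_sql('user','money,jifen,Id,ddusername,dhstate','Id="'.$userId.'"');
	if(!$user['ddusername']){
		over('您还没有登陆');
	}
	// The pending-request flag is dhstate (set to 1 by the debit below); the original tested
	// ddusername here, so a second request was never blocked.
	if($user['dhstate']==1){
		over('您提交的申请正在处理');
	}
	if($dhlist['num']<=0){
		over('该商品没有库存了');
	}

	$info=array();
	if($fangshi==1){
		if($user['money']<$dhlist['money']){
			over('您的金额不足！');
		}
		$info['spend']=$dhlist['money'];
	}
	elseif($fangshi==2){
		if($user['jifen']<$dhlist['jifen']){
			over('您的积分不足！');
		}
		$info['spend']=$dhlist['jifen'];
	}
	else{
		exit;
	}

	$info['name']=$dhlist['name'];
	$info['ddusername']=$_SESSION['duoduouser'];
	$info['dduserid']=$_SESSION['dduserid'];
	$info['ip']=$_SERVER["REMOTE_ADDR"];
	$info['spid']=$spid;
	// Free-text contact fields get the same tag stripping the original applied to remarks,
	// because they are stored for later display.
	foreach(array('tbusername','address','email','mobile','qq','remarks') as $field){
		$info[$field]=(isset($_POST[$field]) && is_string($_POST[$field])) ? strip_tags($_POST[$field]) : '';
	}
	$info['addtime']=date('Y-m-d H-i-s');
	$info['shoptime']='';
	$info['status']=0;
	$info['fangshi']=$fangshi;

	$id=insert_one_sql('dhdingdan', $info);
	if($id>0){
		if($fangshi==2) $sql="update ".$BIAOTOU."user set dhstate=1,jifen=jifen-'".$dhlist['jifen']."' where Id='".$userId."'";
		else $sql="update ".$BIAOTOU."user set dhstate=1,money=money-'".$dhlist['money']."' where Id='".$userId."'";
		mysql_query($sql);
		update_sql('dhlist',array('num'=>1),'id='.$info['spid'],2);
		echo 1;
	}
	else{
		// Keep database error text on the server; it reveals schema details to the client.
		error_log('save_dh: '.mysql_error());
		over('提交失败，请稍后再试');
	}
}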

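/**
 * Grants the daily sign-in reward to the logged-in user.
 *
 * Prints 1 when the reward was granted. Prints 0 when the user has already
 * signed in today, is not logged in, or a query failed.
 *
 * NOTE(review): the "already signed in today" lookup and the insert are not
 * atomic, so two simultaneous requests can both be rewarded. A unique key on
 * (user, day) or a transaction would close that gap.
 *
 * @return void
 */
function sign(){
	if(SIGNOPEN==0){exit;}
	global $BIAOTOU;
	// Without a login there is no account to credit; the original still wrote a ledger row.
	if(!isset($_SESSION['duoduouser']) || !isset($_SESSION['dduserid']) || $_SESSION['duoduouser']=='' || $_SESSION['dduserid']==''){
		echo 0;
		return;
	}
	// The session name originates from the login form, so escape it before building SQL.
	$nameSql=mysql_real_escape_string($_SESSION['duoduouser']);
	$userId=(int)$_SESSION['dduserid'];

	$sql="select addtime from ".$BIAOTOU."mingxi where ddusername='".$nameSql."' and shijian='每日签到' order by Id desc";
	$query=mysql_query($sql);
	$row=mysql_fetch_array($query);
	$addtime=$row ? $row['addtime'] : null;
	// String comparison of "Y-m-d H:i:s" timestamps; no earlier row counts as "not signed in yet".
	if($addtime<date('Y-m-d 00:00:00')){
		$sql="INSERT INTO `".$BIAOTOU."mingxi` (`ddusername`, `shijian`, `je`, `jifen`, `addtime`, `memo`) VALUES ('".$nameSql."', '每日签到', '".SIGNMONEY."', '".SIGNJIFEN."', '".date('Y-m-d H:i:s')."', '每日签到奖励')";
		if(!mysql_query($sql)){
			// Log instead of echoing: the error text exposes table and column names.
			error_log('sign: '.mysql_error());
			echo 0;
			exit;
		}
		$sql="update `".$BIAOTOU."user` set money=money+'".SIGNMONEY."',jifen=jifen+'".SIGNJIFEN."' where Id='".$userId."'";
		if(!mysql_query($sql)){
			error_log('sign: '.mysql_error());
			echo 0;
			exit;
		}
		echo 1;
	}
	else{
		echo 0;
	}
}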

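// Dispatcher: ?fun=<name> selects one of the handlers below. The allow-list is the only
// thing between the query string and call_user_func(), so the match is strict and
// restricted to string values.
// NOTE(review): the dispatcher performs no authentication. cacheSize and taobao_comment
// check no login themselves, and the state-changing handlers carry no request token.
$fun_arr=array('checkLogin','taobao_comment','cacheSize','mall_comment','save_dh','sign');
$fun=(isset($_GET['fun']) && is_string($_GET['fun'])) ? $_GET['fun'] : '';
if(in_array($fun,$fun_arr,true)) echo $reval=call_user_func($fun);
else echo "what are doing";
mysql_close();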
?>